Reputation: 46890
With serverless we can add process.env variables by creating a configuration file entry like this:
environment:
  STRIPE_SECRET_KEY: ${self:custom.secrets.stripeSecretKey} # Stripe secret API key
And we can access it in our lambda function like this:
const stripe = require('stripe')(process.env.STRIPE_SECRET_KEY);
How do we do this with AWS Amplify?
Upvotes: 20
Views: 15968
Reputation: 2896
For secrets such as Stripe API keys, they should never be visible to a user.
With Amplify CLI you can add a secret to each lambda function which will allow you to access a secret for each environment. View here
You can run amplify function update for existing functions, or when you create one with amplify function add there will be a prompt to add a secret.
Here is sample node lambda code to access the secret:
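const { SSM } = require('aws-sdk');
// ...
// Inside the async handler: the env var holds the SSM parameter name, not the secret value
const { Parameters: [ stripeSecretData ] } = await ( new SSM() )
  .getParameters({
    Names: [ 'STRIPE_SECRET_KEY' ].map(secretName => process.env[ secretName ]),
    WithDecryption: true
  })
  .promise();
// Declared with const so the value does not leak into an implicit global
const STRIPE_SECRET_KEY = stripeSecretData.Value;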
When you check out into another environment and push, you will be prompted to add a secret for that new environment if one doesn't exist.
Note there are costs for using AWS Secrets Manager https://aws.amazon.com/secrets-manager/pricing/ and you must create 1 secret per lambda function.
Upvotes: 0
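The lookup pattern from the answer above, extended to cache the value across warm invocations and to fail closed when the parameter or its environment variable is missing. This is an added example, not part of the original answer or of Amplify's generated code. The helper names, the stub client, the parameter path and the key value are constructed for illustration.

```javascript
// Added example; loadSecrets, the stub client and the parameter path are illustrative.
const cache = new Map(); // module scope: survives warm invocations of one container

// Map each SSM parameter name (read from env) back to its logical key.
function resolveParameterNames(env, keys) {
  const byParam = {};
  for (const key of keys) {
    if (!env[key]) throw new Error(`env var ${key} is not set for this environment`);
    byParam[env[key]] = key;
  }
  return byParam;
}

// Turn a GetParameters response into { key: value }, failing closed on gaps.
function indexParameters(response, byParam) {
  const invalid = response.InvalidParameters || [];
  if (invalid.length > 0) throw new Error(`SSM parameters not found: ${invalid.join(', ')}`);
  const secrets = {};
  for (const p of response.Parameters || []) secrets[byParam[p.Name]] = p.Value;
  for (const key of Object.values(byParam)) {
    if (typeof secrets[key] !== 'string' || secrets[key] === '') throw new Error(`no value returned for ${key}`);
  }
  return secrets;
}

// ssm: aws-sdk v2 SSM client, or a stub with the same getParameters().promise() shape.
async function loadSecrets(ssm, env, keys) {
  const byParam = resolveParameterNames(env, keys);
  const cacheKey = Object.keys(byParam).join('|');
  if (!cache.has(cacheKey)) {
    const response = await ssm
      .getParameters({ Names: Object.keys(byParam), WithDecryption: true })
      .promise();
    cache.set(cacheKey, indexParameters(response, byParam));
  }
  return cache.get(cacheKey);
}

// Constructed stub and values so the example runs offline.
const sampleEnv = { STRIPE_SECRET_KEY: '/amplify/example/dev/STRIPE_SECRET_KEY' };
const stubSsm = {
  calls: 0,
  getParameters({ Names }) {
    this.calls += 1;
    const Parameters = Names.map((Name) => ({ Name, Value: 'sk_test_constructed' }));
    return { promise: async () => ({ Parameters, InvalidParameters: [] }) };
  },
};
```

In a real function, pass `new SSM()` and `process.env` in place of the stub and sample environment; the error messages carry parameter names only, never secret values.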
Reputation: 110
After a year+ of development using the Amplify framework I figured that you can only specify ENV VARIABLES from your front-end build process. For lambdas it's a bit tricky. You can add a condition "IsProductionEnv" which is going to place a value in the ENV variables for that function depending on the amplify env.
For production I use "prod"; you can use whatever you want.
Go to your amplify/backend/function/{functionName} folder.
There should be a {functionName}-cloudformation-template.json file.
You need to add one more item to the "Conditions" object:
"Conditions": {
  ...,
  "IsProductionEnv": {
    "Fn::Equals": [
      {
        "Ref": "env"
      },
      "prod"
    ]
  }
}
Then you need to use that condition at "Resources.Properties.Environment.Variables":
"Environment": {
  "Variables": {
    ...,
    "STRIPE_PK": {
      "Fn::If": [
        "IsProductionEnv",
        "pk_live_...",
        "pk_test_..."
      ]
    }
  }
}
I have "dev" and "prod" amplify env names. It will handle your deployments and manage your env variables based on env for that function.
Upvotes: 1
Reputation: 787
Using Amplify environment variables in lambda is unavailable at the moment.
Btw, what you can do is refer to the name of the backend environment in lambda.
It would be automatically set if you create the lambda with amplify.
For example, you can get the name of your backend environment with os.environ['ENV'] in a python lambda.
Upvotes: 1
Reputation: 110
You can add variables at your Amplify environment configuration. You can also add variable overrides and select a branch that's gonna use it.
DOCS: https://docs.aws.amazon.com/amplify/latest/userguide/environment-variables.html
Upvotes: 4